Multiple SSL listen statements and SNI
Dave Hayes
dave at jetcafe.org
Fri Nov 11 02:30:56 UTC 2016
Hello. :) Please consider the following nginx setup:
server {
# server 1
listen 443 default_server ssl;
server_name "";
...
return 444;
}
server {
# server 2
listen 127.0.0.81:443 default_server ssl;
server_name "";
...
return 444;
}
server {
# server 3
listen 127.0.0.81:443 ssl;
server_name "foo.com";
...
}
server {
# server 4
listen 443 ssl;
server_name "thing.com";
...
}
I am at nginx 1.8.1 with SNI support enabled. The behavior I expect from
this is:
- requests to foo.com on 127.0.0.81 will return per the server 3 bucket
- requests to thing.com on the default interface or on 127.0.0.81
will return per the server 4 bucket
- requests to foo.com on the default interface will return 444
- requests to any other SSL site will return 444
The behavior I observe that is different from this expectation is this:
- requests to thing.com on the 127.0.0.81 interface return 444
I would love to know exactly what is going on here. Would anyone be so
kind as to point out what is happening? Thanks in advance.
--
Dave Hayes - Consultant - Altadena CA, USA - dave at jetcafe.org
>>>> *The opinions expressed above are entirely my own* <<<<
Nasrudin, starving with hunger, went to a cafe and began
filling his mouth with food using both hands.
"Why eat with two hands, Mulla?"
"Because I haven't got three."
More information about the nginx
mailing list